Cybersecurity Operations Analyst (Infrastructure Specialist Associate - PN 20098661)

About The Position

Requirements

• 18 months combined work exp. &/or trg. In any combination of the following: installing, monitoring/maintaining, configuring, upgrading, &/or administering/operating a single technology domain.
• Or successful completion of IT Apprenticeship program at designated agency.
• Or completion of associate core program in computer science or information systems.

Nice To Haves

• Undergraduate or advanced degree in Computer Science or Information Systems
• Experience with security event response (review and triage security events, respond to appropriate parties, assist with remediation and documentation efforts)
• Experience with Vulnerability Management Tools (e.g. Qualys)
• Experience with cybersecurity platforms for endpoint detection, threat intelligence, and incident response (e.g., Crowdstrike)
• Experience with Security Information and Event Management (SIEM) platform (e.g. Google SecOps+)
• Experience with DevOps tools (e.g., Azure DevOps, GitHub)
• Experience with static code scanning tools (e.g., Checkmarx, CXone)
• Experience collaborating with IT teams to support vulnerability remediation efforts (e.g., tracking vulnerabilities, support basic risk assessment activities by gathering information, reviewing scan results, and confirming vulnerability details)

Responsibilities

• Assist higher level security staff with security operations
• Monitor enterprise security tools such as Security Information and Event Management platforms, endpoint detection systems, and vulnerability management solutions
• Research security events by gathering additional context from logs, threat intelligence sources, and internal systems
• Review and triage security alerts to identify potential threats, suspicious behavior, or policy violations
• Assist with proactive security activities including vulnerability scanning, patch tracking, and security health reporting
• Assist with identifying and tracking application vulnerabilities by reviewing scanning results, dependency reports, and secure coding findings
• Collaborate with development teams to support remediation efforts, including verifying fixes, rescanning applications, and ensuring secure coding practices are followed
• Collaborate with IT teams to support broader security initiatives
• Develop and maintain ad-hoc utilities or reports to automate processes